On Tue, 2004-12-28 at 16:39 +0100, Laurent CARON wrote:
> David Baron wrote:
>
> >A home system with an email server, i.e. exim, need not lay "exposed" 24/7.
> >Is there a way to write script to open a port such as SMTP/25 periodically
> >for a certain amount of time, check for activity, wait till free and then
> >close it.
> >
> >This would be a cron'ed equivalent of bringing up Guarddog or some other
> >IPtables interface, enabling access, waiting a while and seeing no (or no
> >more) activity, bringing it up again and disabling access.
>
> use cron and iptables for it
>
> Allow new connection
> wait 10/15 mins
> forbid new connections but still allow established ones on port 25

Or you could just set up knockd on the box. It will be a lot safer since
the port will only be opened when you request it with a particular knock
sequence. With a cron job that port will end up being open to the world
at particular times, regardless of who initiated the request.

-- 
Alex Malinovich
Support Free Software, delete your Windows partition TODAY!
Encrypted mail preferred. You can get my public key from any of the
pgp.net keyservers. Key ID: A6D24837
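
The cron-and-iptables steps from the quoted reply (allow new connections, wait, then refuse new ones while established sessions finish), as an added example that is not part of the original thread. The chain name SMTP_WINDOW, the 15-minute default, the DRY_RUN switch and the script path in the crontab comment are assumptions.

```shell
#!/bin/sh
# Added example: open SMTP for a fixed window, then refuse new connections
# while letting established sessions finish. Run as root from cron.
# Assumed names: chain SMTP_WINDOW, env vars IPT/CHAIN/PORT/WINDOW/DRY_RUN.
IPT=${IPT:-iptables}
CHAIN=${CHAIN:-SMTP_WINDOW}
PORT=${PORT:-25}
WINDOW=${WINDOW:-900}   # seconds; 15 minutes

# With DRY_RUN=1 print each command instead of executing it.
run() {
    if [ "${DRY_RUN:-0}" = 1 ]; then echo "$*"; else "$@"; fi
}

# One-time setup (e.g. at boot): closed by default, established traffic
# always passes. No earlier INPUT rule may already accept the port.
smtp_setup() {
    run "$IPT" -N "$CHAIN" &&
    run "$IPT" -A "$CHAIN" -m conntrack --ctstate ESTABLISHED -j ACCEPT &&
    run "$IPT" -A "$CHAIN" -j DROP &&
    run "$IPT" -A INPUT -p tcp --dport "$PORT" -j "$CHAIN"
}

# The open rule is inserted at position 1 and later deleted by exact match.
smtp_open()  { run "$IPT" -I "$CHAIN" 1 -m conntrack --ctstate NEW -j ACCEPT; }
smtp_close() { run "$IPT" -D "$CHAIN" -m conntrack --ctstate NEW -j ACCEPT; }

# Open, wait, close. The trap closes the port even if the job is killed.
smtp_window() {
    smtp_open || return 1
    trap 'smtp_close; exit 1' INT TERM
    run sleep "$WINDOW"
    smtp_close
    trap - INT TERM
}

# Hypothetical crontab entry (script path is an assumption):
#   0 */4 * * * root /usr/local/sbin/smtp-window.sh window
case "${1:-}" in
    setup)  smtp_setup ;;
    window) smtp_window ;;
esac
```

Running with `DRY_RUN=1` prints the rule changes without touching the firewall, which is a safe way to review them before scheduling the job.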